VPN on Shared Firewall??

Posted on 2009-05-22
Medium Priority
Last Modified: 2012-05-07
Hi all,

I have a dedicated server located behind my hosting companies shared firewall. I require a VPN setting up to another server and wondered if it is possible for a hosting company to configure this on their shared firewall. If they do say they could do it is there any security risks involved in havving a dedicated VPN tunnel on a shared firewall? Or can it be locked down securely?

I wanted to ask this question here first before I contact the hosting company as I think the company will just try to sell me a dedicated firewall without any consideration.

Many thanks

Question by:Cragly
LVL 18

Accepted Solution

deimark earned 1000 total points
ID: 24449258
It depends on how the providers "shares" the firewall.

If they apply VLANs or separate networks interfaces fro each customer,t hen they should be able to set up VPNs only for your networks.

Yes it does imply some form of security issue just due the shared nature of the firewall but in practice, only traffic to and from your network will get encrypted/decrypted by the firewall

LVL 14

Assisted Solution

Roachy1979 earned 1000 total points
ID: 24461756
Agree with deimark....

A properly configured shared firewall shouldn't pose any greater risks than those you would face when you are trusting ANY third party with your security.

It would be interesting to see how they actually implement this, but if they VLAN traffic or if the firewall has separate physical interfaces then it should be ok....

Author Closing Comment

ID: 31584303
Thanks guys just the sort of answer i was looking for.

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
LinkedIn blogging is great for networking, building up an audience, and expanding your influence as well. However, if you want to achieve these results, you need to work really hard to make your post worth liking and sharing. Here are 4 tips that ca…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question